After Chinese government hackers took the lead, cybercriminals are stepping in to try to monetize unpatched Exchange email servers: “This is poised to be pretty bad,” a Microsoft researcher said.
The already disastrous hacks of Microsoft Exchange servers, used by thousands of companies all over the world to manage their emails, just got worse.
On Thursday night, Microsoft reported that it had detected a new type of ransomware targeting Exchange servers. According to Philip Misner, Microsoft’s security program manager, the ransomware is called DoejoCrypt or DearCry. The ransomware gang is abusing the vulnerabilities that Chinese government hackers and other state-sponsored groups have been abusing for weeks, as Microsoft revealed at the beginning of March. According to news reports, the Chinese government hackers, who were the first to exploit the vulnerabilities, have broken into more than 30,000 companies in the US, and hundreds of thousands all over the world.